From: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
To: Xiao Ni <xni@redhat.com>
Cc: jes@trained-monkey.org, linux-raid@vger.kernel.org
Subject: Re: [PATCH 3/4] mdadm: Avoid array bounds check of gcc
Date: Thu, 28 Sep 2023 11:41:49 +0200 [thread overview]
Message-ID: <20230928114149.000016a1@linux.intel.com> (raw)
In-Reply-To: <20230927025219.49915-4-xni@redhat.com>
On Wed, 27 Sep 2023 10:52:18 +0800
Xiao Ni <xni@redhat.com> wrote:
> With gcc version 13.2.1 20230918 (Red Hat 13.2.1-3) (GCC), it reports error:
> super-ddf.c:1988:58: error: array subscript -1 is below array bounds of
> ‘struct phys_disk_entry[0]’ [-Werror=array-bounds=]
> The subscrit is defined as int type. And it can be smaller than 0.
If it can be smaller that 0 then it is something we need to fix.
I think that it comes from here:
info->disk.raid_disk = find_phys(ddf, ddf->dlist->disk.refnum);
info->data_offset = be64_to_cpu(ddf->phys->
entries[info->disk.raid_disk].
config_size);
find_phys can return -1.
It is handled few lines bellow. I don't see reason why we cannot handle it here
too.
if (info->disk.raid_disk >= 0)
pde = ddf->phys->entries + info->disk.raid_disk;
I think that it will be fair to abort because metadata seems to be corrupted.
We are referring to info->disk.raid_disk from many places. We cannot return
error because it is void, we can just return.
> To avoid this error, add -Wno-array-bounds flag in Makefile.
If you want do it this way please provide strong justification. We are
disabling check in all code to hide particular case. It will not prevent us
from similar mistakes during development in the future.
Thanks,
Mariusz
next prev parent reply other threads:[~2023-09-28 9:42 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-27 2:52 [PATCH 0/4] mdadm: Fix some errors for regression tests and building Xiao Ni
2023-09-27 2:52 ` [PATCH 1/4 v2] mdadm/tests: Fix regular expression failure Xiao Ni
2023-09-28 9:24 ` Mariusz Tkaczyk
2023-10-07 13:35 ` Xiao Ni
2023-10-26 21:39 ` Jes Sorensen
2023-09-27 2:52 ` [PATCH 2/4 v2] mdadm/tests: Don't run mknod before losetup Xiao Ni
2023-09-28 9:27 ` Mariusz Tkaczyk
2023-10-26 21:44 ` Jes Sorensen
2023-09-27 2:52 ` [PATCH 3/4] mdadm: Avoid array bounds check of gcc Xiao Ni
2023-09-27 4:29 ` Paul Menzel
2023-09-27 5:06 ` Xiao Ni
2023-09-28 9:41 ` Mariusz Tkaczyk [this message]
2023-10-07 13:26 ` Xiao Ni
2023-10-09 7:59 ` Mariusz Tkaczyk
2023-09-27 2:52 ` [PATCH 4/4] mdadm: Print version to stdout Xiao Ni
2023-09-28 9:53 ` Mariusz Tkaczyk
2023-10-07 12:58 ` Xiao Ni
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230928114149.000016a1@linux.intel.com \
--to=mariusz.tkaczyk@linux.intel.com \
--cc=jes@trained-monkey.org \
--cc=linux-raid@vger.kernel.org \
--cc=xni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.